Solved

TS Gateway and OWA on different servers requiring port 443 with 1 public IP

Posted on 2008-10-27
4
1,424 Views
Last Modified: 2012-06-27
I have a network with an SBS 2003 Server that hosts OWA and some other websites that accept port 443 traffic.

I want to trial Windows 2008 TS Gateway to allow easy remote access to terminal services. I have a new 2008 virtual server set up with just what is needed for the TS Gateway service. This install was easy, but it seems I need port 443 going to this server. How can I separate the traffic for one server from that for the other?

More on the network:  There is a single public IP address that goes through a PIX Firewall and redirects to the SBS server. The SBS server has ISA 2004 installed, but the server has been set up to team the network cards (I assume for redundancy) and so ISA pretty much functions as a web cache.
0
Comment
Question by:littlehogarth
  • 2
  • 2
4 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 22823779

The only way in which I can foresee you being able to do this would be to use a differnet port number externally (say 445), which maps internally to port 443. This would be a change you'd have to make in the PIX Firewall configuration.

I would probably make the change so that:

-Port 445 (external) is open to port 443 (internal) - IP: SBS Server
-Port 443 (external) is open to port 443 (internal) - IP: 2k8 TS Gateway server

That's the only easy way by which this would be possible.

-tigermatt
0
 

Author Comment

by:littlehogarth
ID: 22827403
Yes thats what I thought.

As I believe the RDP client settings for TS Gateway cannot take a port value and so is locked to using 443. Could change the other web server, but have found some posts saying changing OWA can cause issues, plus the whole benefit of having only needing 443 open is lost.

My other thought was just manning up and getting an additional IP. Do you know if two IPs use the same modem?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 22829223

You could ask your host regarding two IPs, but yes, you should be able to plug them into your firewall just fine.

-tigermatt
0
 

Author Closing Comment

by:littlehogarth
ID: 31510635
Thanks Tigermatt, I just didn't want to get a second IP if there was another simple way to manage this.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question